Log if cookie login failed with token mismatch or session unavailability

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 7aea219b6089e42bb350f8bc5e9d687d929e228b..4ef9e6fdbcbfacd4ee3c2afd60d8634f6ff9bfc3 100644 (file)
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -877,6 +877,10 @@ class Session implements IUserSession, Emitter {
                $tokens = $this->config->getUserKeys($uid, 'login_token');
                // test cookies token against stored tokens
                if (!in_array($currentToken, $tokens, true)) {
+                       $this->logger->error('Tried to log in {uid} but could not verify token', [
+                               'app' => 'core',
+                               'uid' => $uid,
+                       ]);
                        return false;
                }
                // replace successfully used token with a new one
@@ -888,6 +892,10 @@ class Session implements IUserSession, Emitter {
                        $sessionId = $this->session->getId();
                        $token = $this->tokenProvider->renewSessionToken($oldSessionId, $sessionId);
                } catch (SessionNotAvailableException $ex) {
+                       $this->logger->warning('Could not renew session token for {uid} because the session is unavailable', [
+                               'app' => 'core',
+                               'uid' => $uid,
+                       ]);
                        return false;
                } catch (InvalidTokenException $ex) {
                        \OC::$server->getLogger()->warning('Renewing session token failed', ['app' => 'core']);